Exchange 2010 trust releanship

Posted on 2011-04-26
Last Modified: 2012-05-11

I was having trouble with my domain controllers and exchange servers because of some hardware issues. Now i needed to restore this machines with back-ups from a week ago.

But now my active directory on domain controller 2 is giving an error.
And I can get log in on my exchange server, so also here are errors
I get following error in loggin in:
         The trust relationship between this workstation and the primary domain failed.

Please help me you get my domain and exchange infrastructe to start again. dc1.txt dc2.txt
Question by:jonas-p
    LVL 9

    Expert Comment

    Firstly, please make sure your DNS Settings are correct, your primary DNS Server on each workstation should be pointing to the SBS Server's own IP address. Access permissions are always scuppered if there are and DNS Issues, and this one is usually to blame. Whilst you are checking the DNS Settings, confirm your Gateway settings are pointing to either your Router, Firewall or SBS if it's configured as so.

    Your problem is the Trust Relationship, A Quick fix is performed by Going into your Network Properties on each station and changing the Domain to a workgroup - call the workgroup anything, click OK, and when your computer says Welcome to the "anything" workgroup, you simply need to OK this, then change the settings back to the Domain, enter the domain, then it should be fine.

    Author Comment


    On my dns settings nothing was changed. The primary dns is the domain controller dc1 and the second dns is configured as domain controller dc2. This is done for all my machines on the network including workstations, exchange server, ... The gateway for all the machines is the ip of my router.
    But like i said nothing was changed in that matter.

    Thanks I know i can fix the issue for my workstations by doing like you said. (Change workgroup - and back to the domain). But that doesn't solve the problem of domain controller 2, dc2. Still on fault.
    Can I do this also for exchange server? Change to workgroup and back to domain?

    LVL 3

    Expert Comment

    Make sure the connectivity part whether you are able to ping DC2 first, if there is no connectivity issues then, you should demote the DC2 and disjoin from the domain and connect again then promote using DCpromo
    LVL 9

    Expert Comment

    Yes do above raj steps it should work.
    LVL 9

    Expert Comment

    Log on locally as a local administrator. In the Network tool of Control Panel, select Change and enter a Workgroup name, leaving the domain. Restart the computer and log on locally as a local administrator.

    There are two methods to rejoin the domain:

        * You can join the domain from the client if at the same time you can provide an administrator username and password on the domain.

        * You can delete the existing computer account in Server Manager, recreate the computer account, synchronize the domain, and then on the client rejoin the domain.

    Author Comment

    Hi guys thanks for the input. So far my domain controllers are back up and no errors are coming up for the next two hours.

    But for the exchange I still have a problem. Like you said i want to changes the domain to the workgroup.
    But I get following message:

    Computer Name/Domain Changes
    The following error occurred attempting to unjoin the domain "":
    The service cannot accept control messages at this time.

    What should i do?
    LVL 3

    Accepted Solution

    If you are not able to disjoin the box from domain, then you may need to focefully remove the AD metatdata from that server . Check below link to further

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Do email signature updates give you a headache?

    Do you feel like you are constantly making changes to email signatures? Are the images not formatting how you want them to? Want high-quality HTML signatures on all devices, including on mobiles and Macs? Then, let Exclaimer solve all your email signature problems today.

    Learn more about how the humble email signature can be used as more than just an electronic business card. When used correctly, a signature can easily be tailored for different purposes by different departments within an organization.
    Email signatures have numerous marketing benefits. Here are 8 top reasons to turn your email signature into a marketing channel.
    This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
    This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

    759 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    9 Experts available now in Live!

    Get 1:1 Help Now